keys- and route- files weren't passing the should_ignore_file()
check in dir_changed() because should_ignore_file() was only
taking ifcfg- files into account. Generalize most of the ifcfg name
handling functions so that should_ignore_file() will now handle
all three variants.
Add testcases to ensure that the name handling does what we want
it to, and optimize memory usage of utils_get_ifcfg_name() a bit.
Overload the certificate and key properties to allow paths to the
certificates and keys using a special prefix for the property data.
Add API to libnm-util for easy certificate path handling, and
documentation for NMSetting8021x.
The only thing that doesn't work yet is the system-settings service's
"auto eth" connections for ethernet devices that don't have an existing
connection. Might also have issues with unmanaged devices that can't
provide a MAC address until they are brought up, but we'll see.
Plugins no longer need to hash WPA passphrases, so there's no need to keep
sha1 stuff around unless its for hasing other stuff (ifcfg-rh uses sha1
for certificate hashing for example, but has a private copy).
TLS uses the 'identity' which previously wasn't read. The private key
password should also only be used for PKCS#12 files, becuase they aren't
decrypted when read into the setting.
Private keys also need to be handled differently; PKCS#12 keys are written
out unchanged (ie, still encrypted) with their corresponding private key.
DER keys are stored in the setting unencrypted, so they are re-encrypted
before being written out to disk. But because the private key password
isn't known for DER keys, a random password must be used to re-encrypt
the key.
So that normal users who have PolicyKit authorization to edit system connections
can read secrets, move system connection secrets logic into the system connection
service from libnm-glib, and protect it with PolicyKit checks. Convert the
ifcfg-rh plugin over to using NMSysconfigConnection so that it can take advantage
of the new PolicyKit protection.
Previous code forgot to clear a temporary variable when reading IPv4
addresses from ifcfg files, and when the value being read wasn't in the
ifcfg file, it could set wrong values in the connection for that variable
even though it didn't exist.
* libnm-util/libnm-util.ver
libnm-util/nm-setting-ip4-config.c
libnm-util/nm-setting-ip4-config.h
- Add 'never-default' property, which when true indicates that a
connection should never be the default connection
* src/nm-ip4-config.c
src/nm-ip4-config.h
- (nm_ip4_config_get_never_default, nm_ip4_config_set_never_default):
Add never-default helpers
* src/NetworkManagerUtils.c
- (nm_utils_merge_ip4_config): update never-default when merging the
IP4 setting to the IP4 config
* src/NetworkManagerSystem.c
- (nm_system_apply_ip4_config): if the connection is never-default,
don't add routes without a gateway
* src/NetworkManagerPolicy.c
- (get_best_device): don't let never-default connections be the best
- (update_routing_and_dns): handle never-default for VPN connections
* system-settings/plugins/ifcfg-rh/reader.c
- (make_ip4_setting): handle never-default by checking GATEWAYDEV
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/branches/NETWORKMANAGER_0_7@4378 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* system-settings/plugins/ifcfg-rh
- Rename 'ifcfg-fedora' to 'ifcfg-rh'; it's not just used on Fedora
* system-settings/src/main.c
- (load_plugins): transparently handle ifcfg-fedora as ifcfg-rh
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4337 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
2008-11-25 22:42:21 +00:00
Renamed from system-settings/plugins/ifcfg-fedora/reader.c (Browse further)
